Bruteforce GPG passphrase using script

Question

I have forgotten my passphrase for my gpg key on linux. Can someone please help me write a simple script to use bruteforce to crack the key? I remember some of the words which MIGHT be in the passphrase, so hopefully, it will not take long for my computer to bruteforce it.

All is not lost if I can't recover the passphrase, it just means I will not be able to work on my project for the next 10 days until I get back to work to get another copy of the files, but this time with a new key for which I will remember to passphrase.

However, it will be nice to be able to work on my project in these 10 days.

score 8 · Answer 1 · answered Dec 29 '10 at 13:14

8

Maybe something like:

#!/bin/bash
#

# try all word in words.txt
for word in $(cat words.txt); do 

  # try to decrypt with word
  echo "${word}" | gpg --passphrase-fd 0 --no-tty --decrypt somegpgfile.gpg --output somegpgfile;

  # if decrypt is successfull; stop
  if [ $? -eq 0 ]; then

    echo "GPG passphrase is: ${word}";
    exit 0;

  fi

done;

exit 1;

answered Dec 29 '10 at 13:14

tersmitten

1,310
1
9
23

Will this only work with whole words per line? What if I only remember part of the passphrase? – oshirowanen Dec 31 '10 at 10:42
1

You can generate a list of passphrases containing the part you remember – tersmitten Jan 20 '11 at 18:51

score 6 · Accepted Answer · answered Dec 25 '10 at 19:00

6

1) The script won't be simple, at least how you envisage "simple."

2) It will take a long time - that's the point of using pass phrases over simple passwords. Taking the time to write such a script, incorporating your words which may or may not be in the phrase plus a stab at iterating will probably take over ten days.

3) You probably will forget the next passphrase too.

4) Ooops!

Sorry dude, time to start a new project (at least to while away the next ten days - I suggest a passphrase cracker as an ideal distraction.)

Merry Christmas!

-Oisin

answered Dec 25 '10 at 19:00

x0n

51,312
7
89
111

3

>> Sorry dude, time to start a new project (at least to while away the next ten days.) I passphrase cracker? :D – oshirowanen Dec 25 '10 at 19:02
Yes, perfectly ironic project to start writing! (edited to include this wisecrack - pun intended) – x0n Dec 25 '10 at 19:04
1

lol, ok, i guess i just have to spend the next 10 days consuming excessive amounts of turkey and alcohol! – oshirowanen Dec 25 '10 at 19:14
I'm sure you can find something on github now, like https://github.com/mathewmarcus/bruteforce-gpg – Максим Шатов Apr 07 '21 at 15:04
@МаксимШатов He said next ten days, not years ;) – x0n Apr 12 '21 at 18:16

score 5 · Answer 3 · answered Jun 10 '13 at 19:38

5

Tersmitten's answer may be out of date.

echo "${word}" | gpg --passphrase-fd 0 -q --batch --allow-multiple-messages --no-tty  --output the_decrypted_file -d /some/input/file.gpg;

I used the above line with gpg 2.0.20 and libcrypt 1.5.2 to achieve the desired results.

answered Jun 10 '13 at 19:38

N Klosterman

1,231
14
23

Replacing the 8th line of tersmitten's code with yours worked for me. I used gpg (GnuPG) 2.2.20 and libgcrypt 1.8.7 (which is the latest as of Jan 2021). – Ghazali Jan 28 '21 at 10:17

Bruteforce GPG passphrase using script

3 Answers3